Tech Companies Deny Letting NSA Have Realtime Access To Their Servers, But Choose Their Words Carefully

from the worth-watching dept

We've already talked about James Clapper, the Director of National Intelligence choosing weasel words to pretend they're saying that they weren't spying on Americans when they really were, and now some are arguing that the tech companies are doing the same exact thing. All of the tech companies listed have been denying their involvement, but again, the words are being chosen carefully, and there's a reasonable argument that they're denying certain specific claims while really side-stepping the bigger issue.

Comparing denials from tech companies, a clear pattern emerges: Apple denied ever hearing of the program and notes they “do not provide any government agency with direct access to our servers and any agency requesting customer data must get a court order;” Facebook claimed they “do not provide any government organisation with direct access to Facebook servers;” Google said it “does not have a ‘back door’ for the government to access private user data”; And Yahoo said they “do not provide the government with direct access to our servers, systems, or network.” Most also note that they only release user information as the law compels them to.

But the PRISM program’s reported access to data and the now repeatedly confirmed widespread access to phone records and other types of digital data appears to be almost exactly what the 2008 Protect America Act (PAA) allows Foreign Intelligence Surveillance Act (FISA) courts to compel tech companies to do — as many warned around the time of its passage. If tech companies are not providing direct access to their servers but are cooperating with the PRISM program, that leaves at least one other option: Companies are providing intelligence agencies with copies of their data.

Note the fine distinction. Giving the NSA a clone of their data wouldn't be giving them "access to our servers." It would be giving copies to the NSA... and then the NSA could "access" its own servers. And you were wondering why the NSA needed so much space in Utah. If they're basically running a replica of every major big tech company datacenter, it suddenly makes a bit more sense. Of course, at this point there's no evidence that this is necessarily the case -- and some are insisting that the denials are legit, and that the Washington Post's story is not entirely accurate. But... the wording here is extra careful, and the government's report really does seem to indicate that these companies are deeply involved.

By the way, if you'd like to dig in on annotating the various tech companies' denials, someone put them all up at RapGenius, the site for annotating text (not just rap songs).

Redundancy

Hold the phone here. The USG is cloning data. From that cloning, they're creating a more complete picture of the people they're spying on which is everyone. But that information can be hacked or retrieved and it making clones which are shared by the NSA, the FBI, and the DoJ just as an example.

But this creates a lot of redundancy. Why continuously clone the same data? And how do you prevent it from falling into the public's hands?

I really think the government is pushing themselves into an indefensible position from a logical perspective. The government believes it doesn't have to follow the Constitution. It doesn't believe that it has to protect the rights of citizens. It can spy on anyone that it wants. It protects the aristocracy in a number of ways. We've seen that these people won't prosecute HSBC or any large scale fraud. They'd rather waste resources going after drugs and societal problems that could be resolved in much better ways.

It's not a government of, by, or for the people. It's a government running scared and not learning from its mistakes. In fact, it's creating even more and causing the public to lose faith in it. That's not disappointing. It's downright tragic. What's the use of a government that protects some of us, but not all of us? What's the point of a government running scared and hiding behind minutiae instead of working with the public?

A perfect example of 'You scratch my back, I'll scratch yours'

At this point I'd say it's a little bit of both, with government and private companies pulling stunts like this jointly, as it serves both parties' interests to have as much information about the public as possible, so blaming one side over the other would accomplish nothing and be doing exactly as they'd like you to.

Re: A perfect example of 'You scratch my back, I'll scratch yours'

At this point I'd say it's a little bit of both, with government and private companies pulling stunts like this jointly, as it serves both parties' interests to have as much information about the public as possible, so blaming one side over the other would accomplish nothing and be doing exactly as they'd like you to.

The anti-government arguments facilitate dismantling all government programs that some people don't like. And the privatization approach allows whatever tax money that is collected to be funneled to certain corporations.

I continue to believe there is a reason for the anti-government articles without the same people calling out private data collection. It's a way to simultaneously eliminate government interference in private data collection while at the same time paying more government money to private contractors to do it.

It's how the military-industrial complex has been operated. Call for smaller government, then get into office and funnel lots of money to private contractors.

Loading

Cloning makes sense, as other than passing over the new data, it puts search loads on government owned servers. It is quite possible that government searches would be a significant load if run on company servers, especially as some of it would be outside the companies normal queries.

Whatever data they happen to have at present

Even if this massive spying on citizens were to stop, does anyone believe the government can ever let go of this data now that they have it.

In fact, do you think that anyone in government could bring themselves to ever scale back this spying. Some might want to prevent its expansion, but I doubt anyone wants to or would be able to ever scale it back.

Like the federal budget, like politicians' ethics, like an object near a black hole, the size of this spying can move in only one direction.

Re: Whatever data they happen to have at present

In fact, do you think that anyone in government could bring themselves to ever scale back this spying. Some might want to prevent its expansion, but I doubt anyone wants to or would be able to ever scale it back.

I think government will quit. It will just all be done by private contractors who will be less accountable than government.

Re: Re: Whatever data they happen to have at present

I think this is where it is headed. Private contractors fight the wars. Private companies collect and analyze the data.

"Private" is not inherently better than "government."

Pentagon Has No Idea What 108,000 Contractors Are Doing: "According to CRS, there are now 108,000 private workers in Afghanistan, a workforce that dwarfs the 65,700 American troops still stationed there. That means there are 1.6 contractors for every American soldier in Afghanistan. This is an increase from last month, when The Fiscal Times reported that there were 1.4 contractors per American soldier."

Speaking of "weasel words," when are you going to ever take a position on copyright, Mikey? Or are you just so darned unable to have any opinion whatsoever? LOL! You're a complete coward and you know it. I fucking dare you to have an honest discussion with me.

Re:

DNI Clapper: Tech companies are lying

Yesterday, Director of National Intelligence James Clapper confirmed the existence of the Prism program. While he stated that the Guardian and Washington Post stories contained “numerous inaccuracies”, he did confirm the existence of the programs.

Re: PRISM and XBox One

Meh it's like everything else, let M$ rollout a nice gaming platform below cost, then just put a peice of tape over the camera lenses and clip the microphone and solder in an audio wire from a cheap old ipod and pipe in Rick roll 24/7.

The reason for CISPA

This is the reason they have been trying to push CISPA through - so they can finally make it legal to do what they've been doing.

At this point, they pretty much know they've fucked up - and they're trying their hardest to keep it a secret while they attempt to put in place a law that saves their asses.

Someday, history books will look back on this as a scandalous time when the U.S. government raped its citizen's privacy for no good reason. I'm sure it will be looked upon as a dark ages of the internet revolution.

Re: The reason for CISPA

I continue to point out that you could eliminate government completely and we'd still be under surveillance.

Opinion: The Internet is a surveillance state - CNN.com: "The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we're being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period."

Re: Re: The reason for CISPA

I agree this will be the tragic story of the internet. Created with the dream that now the citizens have a free voice to share with the world and receive un-filtered information, and instead becomes a trap where our entire lives become open for those who choose to watch.

Re: Re: The reason for CISPA

I completely agree. Which is why yesterday when the first article about this came out I suggested that I was nearly to the point in my thinking that we need to completely do away with privacy for everyone and everything, so that we at least have a level playing field.

Given the additional information since that post, I am not longer on the fence about my feelings. It has solidified and I now believe that the only way going forward that we will be able to retain any form of freedom is for us to live in a secret (thus privacy) free state. This means no state secrets, no personal secrets, nothing is private (I'll give you the bathroom but nothing else). It should all out there legally for any one to see. The only time it becomes illegal is when someone, or something, tries to hide it.

I do not stated this lightly. American principles have been ingrained in me since birth, some 41 years ago. But technology has rendered this concept unless and to go on living like it is an enshrined right of all Americans (I only say Americans because at some point it was decided that if you weren't born here that you don't get our rights), is not only stupid but dangerous. At this point it no longer protects the average citizen, it only protects those have the resources to hide stuff.

Re: Re: Re: The reason for CISPA

Which is why yesterday when the first article about this came out I suggested that I was nearly to the point in my thinking that we need to completely do away with privacy for everyone and everything, so that we at least have a level playing field.

Which is probably the most realistic solution. And a number of the sharing companies are hoping to develop a reputation/trust gauge so you know who you can trust to share stuff with.

What I want are better systems to protect against ID theft. So when technology can prevent or limit theft, that will be good.

And can you imagine what it will be like when we know just how much money the very wealthy have and what they are doing with it? Total global transparency will be very interesting. Imagine when we all know everything about everyone. No secrets at all.

Re: Re: Re: The reason for CISPA

all companies do as the government says, do as they are told simply because today, everyone is afraid of the government! instead of maki9ng people feel safe, they now feel intimidated, spied on and unsafe due to the constant lies that are told! the constant avoiding of the issues that happen. all this 'we need to know exactly what you are doing every second of every day, we need to know every person you talk to, whether in person or by other methods, we need to know everywhere you go and when' is going over the top!'makes people more insecure, more scared and more untrusting of the very people they should have every confidence in. when all these things happen covertly, it makes things even worse! we are told 'if we have nothing to hide, we have nothing to fear'. it seems to me the government itself needs to apply that saying to itself!!

Re:

all this 'we need to know exactly what you are doing every second of every day, we need to know every person you talk to, whether in person or by other methods, we need to know everywhere you go and when' is going over the top!'

That's what companies are doing in the name of profit. They are tracking everything we do so they can figure out how to sell us more stuff or to sell our data to companies that want it. The surveillance is built into all of our high tech gadgets because it benefits private companies.

Know who is in your computer

As this week's news shows, it's becoming increasingly clear that the government has been using data acquired through corporate activity to spy on citizens.
If you don't like the idea of the government spying on your computer, then you need to get control of the commercial spying that almost all of us have been allowing to occur.

For those who would like to put a stop to this, but perhaps don't know where to start, step 1 is knowing who is doing the spying. There are many ways to do this, but I suggest some free Nirsoft tools. Network TrafficView will give you are real-time picture of the IP addresses which are communicating with your computer. You can then use DNSDataView to identify the companies that are behind the IP addresses.

Armed with that information, you can start blocking. You can block by domain name, IP address and in some cases by port number.

Re: Re: Know who is in your computer

Yes, it's "whack-a-mole", but is there any way to address the issue that does not involve constant vigilance?

As to Linux, BSD and the like, yes, I run those too. You are kidding yourself however if you think you aren't being watched when you use a browser on a Linux machine. Using Linux only decreases the extent to which you are being spied upon. It does not eliminate it.

On top of that I toyed with the idea of getting a Facebook account but instead of using plaintext I just encrypted all the text, so if you want to read it you need a key, don't upload images because there is no scrambling image protocol available that is easy to use or secure enough.

Just throwing this out there, but some people will say "but, but, SSL/HTTPS!"

Google the phrase "compelled certificate creation attack". If the root CAs have been compelled to allow a proxy box to be in the middle of the certs process, then they hold the real cert while the two parties have the "legally" forged/compelled certs. When crypto keys get exchanged, they see all the traffic, so the rest is open-book.

Re:

"This www.GRC.com web site always uses Extended Validation (EV) certificates. So if you are viewing this EV site through a properly-designed web browser, such as Firefox or Chrome (but not Internet Explorer, since Microsoft deliberately allows EV indications to be forged) and you DO see the special EV treatment in the address bar, then you KNOW your connection to US is NOT being intercepted (and also that this page's contents have not been altered!) But if the special EV indication is NOT being displayed . . . then you instantly know that something IS intercepting and spoofing this web site's certificate!"

Spying is Good!

You guys are missing the big picture! The government is amassing this data for your benefit. Using this data, they can create an almost perfect digital clone of you. Then they can run the clone in a virtual paradise forever! They are giving you life eternal, and you are spitting on them for it. You horrible, horrible people!

Re: Spying is Good!

Using this data, they can create an almost perfect digital clone of you. Then they can run the clone in a virtual paradise forever! They are giving you life eternal, and you are spitting on them for it.

You do realize that in a way Google is already associated with this. It hired Kurzweil.

Ray Kurzweil - Wikipedia, the free encyclopedia: He believes that with radical life extension will come radical life enhancement. He is confident that within 10 years we will have the option to spend some of our time in 3D virtual environments that appear just as real as real reality, but these will not yet be made possible via direct interaction with our nervous system.

Or it could be even more machiavellian...

I think the story is probably legit, but once you've gotten that far, why not go full on conspiracy theorist:
The administration was prepared for the eventual leak of the telco data. They then pile on a deliberate leak of a much more extreme breach that will grab the headlines. This is eventually shown to be false, the journalists involved are discredited and the telco thing is forgotten as collateral damage.

I don't know how much confirmation the Guardian could have gotten before running with this story - after what happened to Bradley Manning, there can't be too many people willing to blow the lid on something this big. Therefore, it could all come down to something easily forged.

I'm not normally a conspiracy theorist - the twin towers were an act of terrorism, climate change is real, and the only chemicals in the chemtrails are flouride :) - but this story is either true (in which case it's a conspiracy) or it's a distraction (in which case it's a conspiracy).

What Happens Now?

It will be interesting to see what happens next. The NSA Director lied to Congress, and it remains to be seen what, if anything, will happen to him.

On an broader scale, this is huge because almost all branches of government were involved, and it seems to be technically legal based on some language trickery.

I'm wondering what we the people can do to fix this. Impeachment might be an overreaction, but perhaps one or many "We The People" petitions?

I think a lot of us are enthusiastic about doing something, but we just don't know what we can do to cause effective change. Virtually every branch of government has been defiling our bill of rights, one amendment at a time.

Re: So...

The NSA may not be collecting the data, just receiving it after it is collected by the companies themselves. Interesting.

"Your honor I didn't steal the property in question. It was given to me by a third party who stole it. So, the charge of theft is not applicable."

Here's how to get around it. The government just buys the data like any other company doing business with the data collection companies. As long as private companies can gather and sell data, the government can buy it too. No theft involved on the government's part. You have to go after the private companies gathering data if you really want to stop it. And too many companies want to collect that data for it to stop. They want the freedom to collect as much data on everyone as technology will allow. And they don't want laws to force them to disclose anything.

Essentially private companies want the freedom to do whatever they want without government interference. That's the bigger issue.

But big tech knows better

Look, government wants this data, and may or may not be using it well.

But Google, Facebook, and other companies seem to assume that they can collect all of the world's data and use it because they know what's best for us.

Whether you have government officials who think they know what's best for the world or whether you have private companies that know what's best for the world, you end up with similar thinking.

I've been coming down hard on big tech because of what those involved in big tech say about their worldview. I'm wary of concentration of power in anyone's hands. I don't believe gigantic tech companies are inherently preferable to giant government operations.